From 584cc783978fd0fbe919231da6d00d4a23e07660 Mon Sep 17 00:00:00 2001 From: Chris Murphy Date: May 28 2020 19:25:41 +0000 Subject: formatting 6 --- diff --git a/hibernationstatus.md b/hibernationstatus.md index 91c1751..84e6750 100644 --- a/hibernationstatus.md +++ b/hibernationstatus.md @@ -42,7 +42,7 @@ We would like to see an install time means of enabling hibernation retained via - signed and encrypted hibernation image [4]. -*Note:* This is the most central nugget needed for limited hibernation support. +*Note:* This is the most central nugget needed for limited hibernation support. Encrypted swap is inadequate because encryption alone provides no integrity. Even though there is an authentication component to the encryption, the image can't be said to be authentic -- as-in trustworthy. To provide the required trust and confidentiality, the hibernation image needs to be both signed and encrypted. **Nice to have enhancements to hibernation:** @@ -52,7 +52,7 @@ We would like to see an install time means of enabling hibernation retained via [1] -[#121 Support for hibernation?](https://pagure.io/fedora-workstation/issue/121) +[#121 Support for hibernation?](https://pagure.io/fedora-workstation/issue/121) [#120 Anaconda creates way too much swap space](https://pagure.io/fedora-workstation/issue/120) [2] @@ -63,7 +63,7 @@ We would like to see an install time means of enabling hibernation retained via [LWN: The pseudo cpuidle driver](https://lwn.net/Articles/820870/) [4] -It's not enough to encrypt swap because encryption alone provides no integrity. Even though there is an authentication component to the encryption, the image can't be said to be authentic -- as-in trustworthy. To provide the required trust and confidentiality, the hibernation image needs to be signed and encrypted. Joey Lee @ SUSE recently confirmed [this lkml email](https://lkml.org/lkml/2019/7/10/601) is the latest status of that work. + Joey Lee @ SUSE recently confirmed [this lkml email](https://lkml.org/lkml/2019/7/10/601) is the latest status of that work. [5] Developing this means hibernation could be enabled post-install, and more easily serve competing use cases. Use cases that don't need hibernation avoid the space wasted for a dedicated and unused swap partition. Use cases that need hibernation can be supported without a swap partition being created at install time.